# Security

## External domain whitelisting:

You can whitelist specific domains in order to allow only specific external sources to be requested. In addition, you can combine Domain whitelisting with Aliases to send custom headers to a non-public external storage for authentication purposes.

In order to set the whitelisting configuration for a specific domain, you need to have an Owner, Admin, Manager or Developer [User Role](/vxp-visual-experience-platform/settings/organisation/users/users.md#user-role) and to go to Settings > Optimization > Delivery > (tab) Security.

Then click on `+ Add domain` and enter the domain name that you would like to whitelist without the https\://- part:

<figure><img src="/files/5c6JfVwfYTu2QGVkmQCH" alt=""><figcaption></figcaption></figure>

In the example above, domain `sample.li` is whitelisted. Which means that if we try to process an image with any other domain except `sample.li`(eg: [www.your-own-domain.com](http://www.your-own-domain.com)), the system will return an error status code 406 (Not Acceptable).

If you prefer, this response can be changed to HTTP 404 (Default missing image).

<figure><img src="/files/hH8wiICzxYPp9oeBYatY" alt=""><figcaption></figcaption></figure>

Aliases are also supported. In case you have set a [Standard](/dynamic-media-optimization-dmo/settings/delivery/url-format.md#aliases) or a [Storage](/dynamic-media-optimization-dmo/settings/asset-origin.md) alias, you can add it as a value (eg: `_myalias_`) in the list of Whitelisted domains.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.scaleflex.com/dynamic-media-optimization-dmo/settings/delivery/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.